Skip to content

PSS: Allow backend or state_store config to be passed via BackendOpts into method for initialising the operations backend for a command #37346

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

PSS: Allow backend or state_store config to be passed via BackendOpts into method for initialising the operations backend for a command #37346

wants to merge 2 commits into from

Conversation

SarahFrench
Copy link
Member

@SarahFrench SarahFrench commented Jul 18, 2025
edited
Loading

Context: #37321 (comment)
(I figured that the commit in this PR made sense to introduce into main on its own, separate to implementing further logic for PSS in the init command.)

This PR connects the code that can parse state_store configuration with new logic introduced in #37321 that allows Terraform to create an operations backend that uses PSS. Prior to this PR the logic in that PR couldn't be invoked, as BackendOpts.StateStoreConfig and BackendOpts.ProviderFactory are never set based on what's in the config.

Now the logic prepares different BackendOpts depending on the situation:

  • If PSS is in use: include state_store config and the provider factory needed for PSS in the BackendOpts value.
  • If a configured backend is in use: pass through backend config in the BackendOpts value.
  • If there's no config: pass through a minimal BackendOpts, as there is no config to pass through or other related fields.

Target Release

1.14.x

Rollback Plan

  • If a change needs to be reverted, we will roll out an update to the code within 7 days.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

CHANGELOG entry

  • This change is user-facing and I added a changelog entry.
  • This change is not user-facing.

@SarahFrench SarahFrench added the no-changelog-needed Add this to your PR if the change does not require a changelog entry label Jul 18, 2025
@SarahFrench SarahFrench marked this pull request as ready for review July 18, 2025 13:55
@SarahFrench SarahFrench requested a review from a team as a code owner July 18, 2025 13:55
radeksimko
radeksimko reviewed Jul 21, 2025
View reviewed changes
Copy link
Member

@radeksimko radeksimko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM except for the one in-line comment

internal/command/init.go

// If overrides supplied by -backend-config CLI flag, process them
var configOverride hcl.Body
if len(*extraConfig.Items) > 0 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should be either checking for nil here or implement a safe Len() method on FlagNameValueSlice which checks for nil before de-referencing the pointer.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@radeksimko radeksimko radeksimko left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
no-changelog-needed Add this to your PR if the change does not require a changelog entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SarahFrench @radeksimko